Trump reportedly uses unsecured phone lines. Cybersecurity experts explain why those are 'so easy to hack it's scary.'
White House
A recent Washington Post report cited US officials as saying President Donald Trump had often used unsecured phones — rather than encrypted phone services meant for top government officials.
Business Insider spoke with cybersecurity experts about how hackers could gain access to phone conversations on unsecured devices.
Unsecured phones are an easy target for hackers, according to the experts, who said they were "so easy to hack it's scary."
President Donald Trump made Hillary Clinton's use of a private email server a hallmark of his 2016 campaign, but the president now regularly conducts phone calls using unsecured devices, according to a new report from The Washington Post.
Top government officials typically use encrypted phone services to protect calls or texts from being intercepted by hackers, but several officials told The Post that Trump routinely used unsecured phones.
To put that in context, Business Insider spoke with cybersecurity experts about the risks associated with unsecured phones.
Alex Heid, the chief research officer of SecurityScorecard, said that unencrypted phone services were exceptionally easy to hack.
"In some cases, it's as simple as walking into a cellphone tower, plugging in a laptop, and downloading everything," Heid said. "It's generally so easy to hack it's scary."
Kiersten Todt, the managing director of the Cyber Readiness Institute who previously served as a cybersecurity adviser to the Obama administration, said gaining access to unsecured phone activity was well within the capabilities of sophisticated hackers.
"With enough time and focus, which we know that many malicious actors have, it's certainly doable," Todt said.
Here's a breakdown of how hackers can gain access to unsecured phone activity and how encryption can protect against hacks, according to experts.
Encrypted phones have been the standard for top-ranking government officials dating back to World War II, when extensive technology was employed to protect against wiretapping.
National Security AgencyPhone encryption became much less expensive with the advent of the internet. Most encrypted phone lines now use software called "voice over internet protocol" to shield against spying.
Nam Y. Huh/APMost standard phone services, however, including calls and texts, are "basically wide open," according to Heid, who said, "It's unencrypted data stream that's broadcast over the airways."
Scott Morgan/Reuters"Hackers are constantly hacking telecom carriers," Heid said. "In some cases, it's as simple as walking into a cellphone tower, plugging in a laptop, and downloading everything."
Justin Sullivan/Getty ImagesThere are now a range of smartphone apps that provide encrypted calls and messaging services, including Signal, Wickr, and WhatsApp. The latter is used intermittently by White House officials, according to The Washington Post.
ReutersConvenience is the primary reason people opt to use unsecured rather than encrypted phone services. "There's always that trade-off between encryption and ease of use," Heid said.
Mark Wilson/Getty ImagesThere have been several instances of targeted phone hacking in the past year alone. One tactic, known as SIM swapping, involves fraudulently persuading a mobile carrier to transfer control of a phone number to a hacker's device.
Steve Kovach, Business Insider
Read more about SIM swapping here.
"Mobile security is something that the government is still struggling to prioritize," Todt said. "Given the use of smartphones across business and government use, we've got to figure it out."
AP Photo/Jacquelyn Martin
Got a tip? Contact Aaron Holmes at (706) 347-1880 or at aholmes@businessinsider.com. Open DMs on Twitter at @aaronpholmes. You can also contact Business Insider securely via SecureDrop.
Read the original article on Insider
